Hal has spent quite a lot of time analyzing various circumvention tools: software or systems created to help people get around Internet filtering, or blocking as it's more colloquially known. He has spent some time looking at this Edoors service, which aggregates the web-browsing data of people who use DynaWeb FreeGate, GPass, and FirePhoenix. These tools are all part of the Global Internet Freedom Consortium (GIFC). What many Chinese users of these tools don't seem to know is that the GIFC is an organizationfounded by Falun Gong practitioners. It is also no secret, but not well known for some reason, that members of the GIFC receive U.S. government funding. According to this 2005 report, "Since 2003, the IBB [International Broadcasting Bureau] has primarily funded Dynamic Internet Technology (DynaWeb) and UltraReach, which have each developed software to enable Chinese Internet users to access VOA and RFA websites." Human Rights in China and the FLG-affiliated Epoch Times are also clients of DynaWeb.

So the web-surfing activity of people using FLG-developed and operated tools promoted by the VOA, RFA, and HRIC is among the data being aggregated by Edoors. Hal noticed the following language in the service's FAQ:

Q: I am interested in more detailed and in-depth visit data. Are they available?

A: Yes, we can generate custom reports that cover different levels of details for your purposes, based on a fee. But data that can be used to identify a specific user are considered confidential and not shared with third parties unless you pass our strict screening test. Please contact us if you have such a need.

Read Hal's blog post for his full reaction explaining how dangerous it is to users if these services are indeed selling "data that can be used to identify a specific user," even if only to people they like...

We apologize for the confusion here. The anti-censorship ranking service is provided by one of the GIFC partners. It only publishes the popularity ranks of destination websites users visit through our anti-censorship tools. It is similar to alexa.com but is only limited to anti-censorship web traffic.

The ranking service is not authorized to access, nor can it access, the data users transmit on the wire. It is not authorized to release logs containing information on the websites any individual user visits either.

The FAQ for the ranking service was not written properly, as originally “user” there meant website owners who may be interested in getting detailed statistics on how their websites are visited through our anti-censorship tools. We apologize that we have overlooked the wording.

The GIFC partner who runs the ranking service, the World Gates’ Inc, has been notified, and that FAQ entry has been removed. Thank you for discovering the problem.

Peter Li Global Information Freedom Consortium

As of this writing, the FAQ entry is still there, but perhaps it will be removed soon?

I got in touch with Bill Xia of Dynamic Internet Technology (DIT) which runs DynaWeb and Freegate. VOA, RFA, and Human Rights in China are DIT clients in addition to the FLG-affiliated newspaper Epoch Times. He said that regardless of what that Edoors FAQ says, "DIT never gives out "personal-identifying user data."

I also e-mailed with Peter Li and asked him, given that some GIFC members get U.S. government funding, whether special access to user data has been given to the U.S. government. His response:

Yes, in some cases FBI asked us to provide logs for certain websites or destination IPs in some particular time periods, for example, they would request something like the original IPs who visited xyz.com at Jan 12, 2007, 12:20-30 EST, and the visited web pages. We provided such information as we feel we are obligated to work with law enforcement agencies in the free world.

So if you're using Freegate, etc. from China, your data could be shared with the FBI on request. Same as if you're using any U.S. information service provider.

Now that GIFC has denied selling user-identifying data, despite an FAQ that states that they do sell it, the problem is that users are left with no way to ascertain the absolute facts about usage of their data independently. They have to take GIFC's word for it. Or decide not to. Ethan Zuckerman reacted briefly to Hal's initial post on his blog, pointing out that this whole situation is a "powerful reminder of how much sensitive data circumvention sites end up holding about their users." Hal makes an important point that when using most circumvention tools - be it Freegate, or the Witopia VPN or any other tool that sends your data through a fairly centralized service - you are not safe from all snooping. You're just making a decision about who to trust more than whom, based on what your needs and concerns are:

This sort of thing demonstrates that there is no way to eliminate points of control from a network. You can only move them around so that you trust different people. In this case, Chinese users are replacing some of the trust in their local Chinese ISPs with trust in the
circumvention projects through which they are proxying their traffic. But those tools are acting as virtual ISPs themselves and so have all the potential for control (and abuse) that the local ISPs have. They can snoop on user activity; they can filter and otherwise tamper with connections; they can block P2P traffic.

There are a few tools, however, which are designed in such a way that data linking an individual user's point of origin (IP address) with their destination website is un-collectible. Tor (albeit slower in China than a VPN or Freegate) is one of them. Perhaps not coincidentally, they pointed this out on their blog on Monday:

Our architecture and design don't force the user to assume trust in us. One doesn't have to trust us. Our code is accessible and licensed under an open license. Our specifications are clearly detailed and published. Our packages follow a defined build process so the user can create the same binaries we do. Independent researchers can and do test the properties Tor provides [and help us to improve]. Moreover, The Tor software runs on a distributed network, where a single operator cannot capture or be forced to capture all users' traffic information, even under legal or coercive threat.

All of these should allow the user to trust The Tor Project as a non-for-profit company and to trust that Tor isn't surreptitiously watching the very information you're trying to protect and isn't gathering information we could be forced to disclose.

(Full disclosure: I used to be on Tor's board of directors.) It's very important to note, though, that while Tor will help you circumvent censorship, disguise your location from the websites you visit and disguse your destination from your ISP, it should not be used as a privacy solution: the exit nodes aren't secure and malicious people can capture unencrypted data going across them. The Tor people are very open about this and the reasons for it. They warn users to use end-to-end encryption for e-mail or any other sensitive communications, on top of Tor which helps to circumvent and anonymize (hide where you're coming from and where you're going).

The moral of this long story is important: when using circumvention tools, make sure you understand enough about how they work, what they're meant to be used for, and who runs them, so that you're not taking a leap of faith with people you would rather not trust.

The decision about who to trust is a personal one: I am more inclined to trust a VPN operating in the U.S. which is subject to FBI requests than a Beijing Telecom connection subject to Beijing public security bureau requests, but that's just me. Other people might feel very differently and make different choices. Some people may feel very comfortable trusting the Falun Gong... others, well, might not... It appears that the VOA, RFA, and HRIC have decided to trust them and to recommend these services to their users. Whether this concerns you or not depends on your opinion of the FLG... which is a debate beyond the scope of this post...

I use Freegate for a long time.(CoDeen sometimes, how about that?) Besides their poorly-designed webpage and one-sided webjournalism, this product proves to be the best free webbreaking tool.(though i wonder exactly how many people are using it as they feel the need to charge)

So it's going to be: you pay for your local ISP and the people behind GFW to get a normal internet life, or you pay more for the people behind GFW-breaking tools to get an abnormal internet life if you are in China.

Thinking that you are not being monitored when you are is far, far worse than knowing that you are being monitored. Giving people the expectation that they are not being monitored when they could be is also a bad, bad idea.

Also collecting any sort of log is a bad, bad idea. All it take is the Chinese government to arrest one dissident based on a log (maybe from an unsecured server or from a sleeper agent) and at that point its game over. Once there is a log, you not only have to trust that the people with access to the logs not only don't purposely give them over to the FBI, but that have the ability to keep that information safe from accidental disclosure.

All of this makes Chinese censorship quite effective. Yes, you can get around the censorship if you are a computer security expert, but most people aren't computer security experts. There is no need for the Chinese government to achieve 100% blockage to have effective censorship. All that it has to do is to have people think twice before posting at which point self-censorship kicks in. If you have to think about computer security before you post an article, then they have already won.

Something else that really bothers me is that looking over the moves and counter-moves is that I really get the sense that the Chinese government understands internet technology and security and what can and can't be done, more deeply than the people that are trying to get around the blocks.

I used to use Tor but found it too slow to bear with. Now I am using Hotspot Shield. It works fine for me. The only annoyance is the ads, but I'd rather bear with the ads than the slow speed of Tor. Do you have any information as to whether Hotspot Shield is reliable? One unexpected nuisance of using such circumvention tools that has just occured to me was that I accidentally logged onto my paypal account while I was browsing banned webpages using Hotspot Shield and that made paypal think that my account had been illegally accessed and therefore suspended it. It was quite some trouble to have it restored...

Hotspot shield is owned by an advertising marketing company called Anchor Free. Their own words in press releases indicate that they are monitoring your data for the purpose of selling the information. This is likely the worst choice as they pretty much admit your data is being monitored and sold. Below is a quote from one of their press releases.